const {
    router,
    mysql,
    localStorage
} = require("../../../utils/require");
const qx = require("../../../utils/qx");
router.get("/roles", (req, res) => {
    let sql = "select role_name,describes,qx from `roles` where is_delete = 0";
    mysql.query(sql, (err, doc) => {
        res.send({
            data: doc,
            qx: localStorage.getItem("qx")
        })
    })
})


//只有超级管理员有权限
router.post("/addroles", async(req, res) => {
    let { role_name, describes } = req.body;
    let Permission = await qx.pbulic_qx(req.session.users.id);
    if (Permission.indexOf(1) > -1) {
        let sql = "insert into `roles` (role_name,describes) values (?,?)";
        mysql.query(sql, [role_name, describes], (err, doc) => {
            if (err) {
                throw err
            }
            res.send({
                code: 200,
                messages: "添加角色成功"
            })
        })
    } else {
        res.send({
            code: 400,
            messages: "没有权限"
        })
    }

})

router.post("/delroles", async(req, res) => {
    let { role_name } = req.body;
    let Permission = await qx.pbulic_qx(req.session.users.id);
    if (Permission.indexOf(1) > -1) {
        let sql = "update `roles` set is_delete= 1 where role_name= ?";
        mysql.query(sql, role_name, (err, doc) => {
            if (err) {
                throw err
            }
            res.send({
                code: 200,
                messages: "删除角色成功"
            })
        })
    } else {
        res.send({
            code: 400,
            messages: "没有权限"
        })
    }

})
router.use("/admin", require("./admin"));
module.exports = router;